US20120110128A1 - Methods, apparatus and articles of manufacture to route policy requests - Google Patents

Methods, apparatus and articles of manufacture to route policy requests Download PDF

Info

Publication number
US20120110128A1
US20120110128A1 US12/915,672 US91567210A US2012110128A1 US 20120110128 A1 US20120110128 A1 US 20120110128A1 US 91567210 A US91567210 A US 91567210A US 2012110128 A1 US2012110128 A1 US 2012110128A1
Authority
US
United States
Prior art keywords
policy
request
server
requestor
policy request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US12/915,672
Other versions
US8880666B2 (en
Inventor
Jeffrey A. Aaron
Robert C. Streijl
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
AT&T Intellectual Property I LP
Original Assignee
AT&T Intellectual Property I LP
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by AT&T Intellectual Property I LP filed Critical AT&T Intellectual Property I LP
Priority to US12/915,672 priority Critical patent/US8880666B2/en
Assigned to AT&T INTELLECTUAL PROPERTY I, L.P. reassignment AT&T INTELLECTUAL PROPERTY I, L.P. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: AARON, JEFFREY A., STREIJL, ROBERT C.
Publication of US20120110128A1 publication Critical patent/US20120110128A1/en
Application granted granted Critical
Publication of US8880666B2 publication Critical patent/US8880666B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004Server selection for load balancing
    • H04L67/101Server selection for load balancing based on network conditions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0893Assignment of logical groups to network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0894Policy-based network configuration management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/20Traffic policing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/1066Session management
    • H04L65/1069Session establishment or de-establishment
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004Server selection for load balancing
    • H04L67/1008Server selection for load balancing based on parameters of servers, e.g. available memory or workload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1027Persistence of sessions during load balancing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1029Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers using data related to the state of servers by a load balancer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1036Load balancing of requests to servers for services different from user content provisioning, e.g. load balancing across domain name servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0246Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
    • H04L41/0273Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols using web services for network management, e.g. simple object access protocol [SOAP]
    • H04L41/028Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols using web services for network management, e.g. simple object access protocol [SOAP] for synchronisation between service call and response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/302Route determination based on requested QoS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/15Flow control; Congestion control in relation to multipoint traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/78Architectures of resource allocation
    • H04L47/781Centralised allocation of resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/80Actions related to the user profile or the type of traffic
    • H04L47/805QOS or priority aware
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/80Responding to QoS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1004Server selection for load balancing
    • H04L67/1021Server selection for load balancing based on client or server locations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02Services making use of location information
    • H04W4/021Services related to particular areas, e.g. point of interest [POI] services, venue services or geofences

Definitions

  • This disclosure relates generally to policy requests, and, more particularly, to methods, apparatus and articles of manufacture to route policy requests.
  • a policy represents and/or defines one or more rules that are applied to determine present and future decisions and/or actions.
  • policies represent and/or define rules that are applied to administer, manage and/or control access to communication resources.
  • FIG. 1 is a schematic illustration of an example communication system implemented in accordance with the teachings of this disclosure.
  • FIG. 2 illustrates an example manner of implementing any of the example policy requestors of FIG. 1 .
  • FIGS. 3-5 illustrate example interactions and example processes that may be embodied as machine-accessible instructions and executed by, for example, one or more processors to implement the example policy requestors and/or the example policy request router of FIGS. 1 and 2 .
  • FIG. 6 is a schematic illustration of an example processor platform that may be used and/or programmed to execute the example machine-accessible instructions represented by FIGS. 3-5 to implement the example network of FIG. 1 .
  • a disclosed example method includes receiving, at a policy request router, a policy request from a policy requestor, applying, at the policy request router, a rule to a parameter representing a network condition to select a policy server for the policy request, and sending from the policy request router to the policy requestor an identifier representing the policy server, the policy requestor to send the policy request to the policy server based on the identifier, the policy server to enforce a policy associated with the policy request.
  • a disclosed example policy request routing apparatus includes a communication module to receive a policy request from a policy requestor, and a decision engine to apply a rule to a value representing a network condition to select a policy server for the policy request, and send from the policy request router to the policy requestor an identifier representing the policy server, the policy requestor to send the policy request to the policy server based on the identifier, the policy server to enforce a policy associated with the policy request.
  • Another disclosed example method includes sending a policy request to a policy request router, receiving from the policy request router an identifier representing a policy server, and sending the policy request to the policy server based on the identifier, the policy server to enforce a policy associated with the policy request.
  • a disclosed example policy request apparatus includes a computer-readable storage medium to store a provisioned address of a policy request router, and a policy request routing module to send a policy request to the policy request router based on the provisioned address, receive from the policy request router an identifier representing a policy server, and send the policy request to the policy server based on the received identifier, the policy server to enforce a policy associated with the policy request.
  • FIG. 1 illustrates an example communication system 100 .
  • the example communication system 100 of FIG. 1 implements any number and/or type(s) of communication devices 105 - 107 including a respective policy requestor 110 , any number and/or type(s) of policy servers 115 - 117 , and any number and/or type(s) of policy enforcers 118 . While in FIG. 1 the policy requestors 110 , the policy servers 115 - 117 and the policy enforcers 118 are depicted separately, in some examples, a particular communication device may implement any combination of a policy requestor 110 and a policy enforcer 118 , a policy server 115 - 117 and a policy enforcer 118 . Further, a policy requestor 110 , a policy server 115 - 117 and a policy enforcer 118 may be communicatively coupled via a transport plane, a signaling plane and/or a control plane of the example communication system 100 .
  • the communication devices 105 - 107 of FIG. 1 are communicatively coupled to the example policy servers 115 - 117 and the policy enforcer 118 via any number and/or type(s) of public and/or private communication network(s) 120 .
  • the example network 120 includes transport, signaling and/or control planes.
  • the example policy servers 115 - 117 of FIG. 1 make policy decisions for or on behalf other network or communication devices of the communication system 100 , such as the example devices 105 - 107 and/or the example policy enforcer 118 .
  • a policy requestor 110 sends a policy request to a policy server 115 - 117 to trigger the policy server 115 - 117 to apply one or more policies for and/or on behalf of the device 105 - 107 associated with the policy requestor 110 .
  • Example policies that may be applied include, but are not limited to, quality of service (QoS) policies, security policies, remote access policies, and/or user authentication policies.
  • QoS quality of service
  • the policy requestor 110 of the example device 105 may send a network access request to one of the policy servers 115 - 117 to authenticate and/or authorize a user associated with the device 105 for access to the communication system 100 .
  • Example communication devices 105 - 107 include, but are not limited to, a wireless user endpoint (e.g., a smartphone), a session border controller (SBC), an application or service element (e.g., a server, a module, etc.), a gateway general packet radio service (GPRS) support node (GGSN), a broadband remote access server (BRAS), a digital subscriber line access multiplexer (DSLAM), a feature server, a call session control function server, a residential gateway (RG) and/or any other number and/or type(s) of home network and/or communication devices.
  • a communication device 105 - 107 may be implemented as hardware or any combination of hardware, software and firmware.
  • policy enforcers 118 are implemented at, in and/or by network elements that traverse user data packets, signaling packets and/or control packets.
  • Example policy enforcers 118 include, but are not limited to,), an SBC, an application or service element (e.g., a server, a module, etc.), a GGSN, a BRAS, a DSLAM, a media gateway, a feature server and/or a call session control function server.
  • a policy enforcer 118 comprises a logical entity embodied as machine-accessible instructions and executing on one or more processors of, for example, a server, router, gateway, control, signaling or any other communication service providing device.
  • Example policy servers 115 - 117 include, but are not limited to, a policy and charging rules function (PCRF), a service policy decision function (S-PDF), a policy decision functional element (PD-FE), or any other centralized server and/or workstation, and/or distributed servers and/or workstations.
  • a policy server 115 - 117 comprises a policy decision function (PDF) or a policy decision point (PDP) implemented as a logical entity embodied as machine-accessible instructions and executing on one or more processors of, for example, a server, router, gateway or any other communication service providing device. As shown in FIG.
  • PCRF policy and charging rules function
  • S-PDF service policy decision function
  • PD-FE policy decision functional element
  • a policy server 115 - 117 comprises a policy decision function (PDF) or a policy decision point (PDP) implemented as a logical entity embodied as machine-accessible instructions and executing on one or more processors of, for example, a server, router, gateway or any other
  • a policy server 115 - 117 may query and/or consult a user policy database (UPD) 125 such as a subscription profile repository (SPR), a home subscriber server (HSS) and/or a common customer profile (CCP) during application of a policy.
  • UPD user policy database
  • SPR subscription profile repository
  • HSS home subscriber server
  • CCP common customer profile
  • the policy server 115 - 117 to which a policy requestor 110 sends a particular type of policy request is statically provisioned, associated with and/or configured into the policy requestor 110 and/or into the device 105 - 107 associated with the policy requestor 110 .
  • the static configuration/association or assignment of policy servers 115 - 117 becomes impractical.
  • the static configuration or assignment/association of policy requestors 110 to policy servers 115 - 117 does not accommodate changing network and/or policy server states and/or conditions including, for example, downtime during scheduled, unexpected maintenance and/or troubleshooting that may prevent a policy requestor 110 from being able to communicate with its assigned policy server(s) 115 - 117 .
  • the example communication system 100 of FIG. 1 includes a policy request router 130 . While a single policy request router 130 is depicted in FIG. 1 , a communication system may include more than one policy request router 130 . Rather than the traditional approach of a policy requestor 110 being statically configured to a particular policy server 115 - 117 , a routing module 205 of the example policy requestors 110 of FIG. 1 ( FIG. 2 ) sends policy requests to the example policy request router 130 . In some examples, an address, domain name and/or uniform resource locator (URL) for the policy request router 130 is stored in a non-volatile memory and/or storage device 210 ( FIG. 2 ) of the policy requestor 110 .
  • URL uniform resource locator
  • the example policy request router 130 of FIG. 1 includes any number and/or type(s) of communication modules 135 .
  • the example policy request router 130 of FIG. 1 includes a routing engine 140 .
  • the example routing engine 140 of FIG. 1 applies one or more policy routing rules 145 to determine or select a target policy server 115 - 117 for the policy request.
  • the example routing engine 140 sends, via the communication module 135 , a response to the policy requestor 110 identifying the selected policy server 115 - 117 .
  • the routing module 205 subsequently sends the policy request to the identified policy server 115 - 117 to trigger application of one or more policies associated with the policy request.
  • the routing engine 140 forwards the policy request to the selected target policy server 115 - 117 on behalf of the policy requestor 110 .
  • a policy request belonging to the same policy realm and/or same policy domain may be sent to the identified policy server 115 - 117 by the policy requestor 110 without having to consult the policy request router 130 .
  • a policy realm refers or corresponds to a usage area or a policy type
  • a policy domain refers or corresponds to any other sort of policy division or categorization.
  • policy realms and/or policy domains correspond to network realms and/or network domains.
  • the routing engine 140 identifies the policy server 115 - 117 to the policy requestor 110 by providing at least one of a URL, a domain name, or an Internet protocol (IP) address for the selected policy server 115 - 117 .
  • IP Internet protocol
  • the policy routing rules 145 applied by the routing engine 140 are different from the policies applied by the policy server 115 - 117 and/or the policy enforcer 118 .
  • a policy requestor 110 and/or a policy server 115 - 117 may exchange any number and/or type(s) of additional or alternative messages such as a keep-alive message, a backoff message, an ACK message, etc.
  • the example routing engine 140 of FIG. 1 applies one or more of the example policy routing rule(s) 145 to, for example, a policy type or policy realm associated with the policy request (e.g., QoS, security, authentication, business support system (BSS)/operation support system (OSS), content delivery network (CDN), application, etc.), a policy domain associated with the policy request (e.g., a location, a geographic area, a functional area, a technology area, a business area, a customer type, a customer group, a vendor or set of vendors, a technology or set of technologies, an IP address, an IP network, an IP subnet, etc.), a network condition (e.g., link availability, bandwidth availability, etc.), a policy server 115 - 117 condition (e.g., load, available memory, etc.) etc.
  • a policy type or policy realm associated with the policy request e.g., QoS, security, authentication, business support system (BSS)/operation support system (OSS), content delivery network (
  • network condition refers to any number and/or type(s) of parameters, values, flags and/or indicators that individually or collectively represent an operational state of the network 120 at any or all of a transport plane, a signaling plane and/or a control plane.
  • a network condition may represent whether or not any or all of a transport plane, a signaling plane or a control plane of the network 120 are operating as intended, and/or characterize how well a transport plane, a signaling plane or a control plane of the network 120 are operating.
  • a network condition may, for example, represent the state of logical and/or physical devices, interfaces, routes, and/or communication links.
  • Example network conditions include, but are not limited to, link operational, link down, link up, link available, bandwidth availability, server up, server down, server load, server memory consumption, a security state, an application state, and/or a service state.
  • the example policy routing rules 145 of FIG. 1 may be expressed using if-then, input-while-then, and/or event-condition-action (ECA) expressions.
  • ECA event-condition-action
  • the “if,” “input,” “while,” “event,” “condition” and/or “action” portions of such rules may include more than one sub-expression. Further, such portions or sub-expressions may include computations, comparisons, algorithms and/or thresholds.
  • An example input-while-then rule 145 is “policy request corresponds to policy realm # 1 , while device 105 - 107 is in geographic area # 3 and load on policy server # 9 is less than L, then select policy server # 9 .”
  • the “while” portion of such rules distinguishes the example policy routing rules 145 from a table look-up.
  • a proxy call session control function (P-CSCF) server in an IP multimedia subsystem (IMS) network consults a static list or table to identify the serving call session control function (S-CSCF) server and the interrogating call session control function (I-CSCF) server assigned to a user endpoint device.
  • S-CSCF serving call session control function
  • I-CSCF interrogating call session control function
  • the routing engine 140 implements multiple decision modes. For example, when available information is determinative, then the policy routing rules 145 are applied and result in the selection of a single target policy server 115 - 117 . When available information is not fully determinative (e.g., the rules 145 result in the identification of multiple policy servers 115 - 117 ), the routing engine 140 selects the best target policy server 115 - 117 from the multiple identified policy servers 115 - 117 . When available information is barely determinative (e.g., significant uncertainty in which policy server 115 - 117 to select), the routing engine 140 selects the best policy server 115 - 117 and notifies a management system (not shown).
  • Policy routing rules may be stored in, for example, a cache using any number and/or type(s) of data structure(s).
  • the policy routing rules 145 may be implemented by any number and/or type(s) of volatile and/or non-volatile memory(-ies), memory device(s) and/or tangible computer-readable storage medium.
  • Rules stored in the example cache 145 of FIG. 1 may be received from any number and/or type(s) of policy distributors 150 .
  • the example policy distributor 150 of FIG. 1 implements any number and/or type(s) of graphical user interface(s) to enable a person (e.g., a technician, a network operator, etc.) to dynamically create, define, delete, and/or modify policy routing rules.
  • the graphic user interface(s) also enable the user to update the policy routing rules cache 145 while the example policy request router 130 is operating.
  • the example distributor 150 of FIG. 1 provides the rules implemented by the example policy servers 115 - 117 .
  • each of the policy servers 115 - 117 implement different policies, although any of the policy servers 115 - 117 may implement more than one policy. Accordingly, the example policy request router 130 of FIG. 1 differs from a load balancer, which routes policy requests to different policy servers to balance the processing, memory and/or storage loads of the policy servers 115 - 117 . Moreover, a load balancer forwards the policy request to the selected policy server 115 - 117 on behalf of the policy requestor 110 , and does not return an identifier for the selected policy server 115 - 117 to the policy requestor 110 .
  • the routing engine 140 of FIG. 1 also returns to the policy requestor 110 a value representing a time duration or time period for which the identified policy server 115 - 117 may be used by the policy requestor 110 without having to consult the policy request router 130 .
  • the routing module 205 stores the policy server identifier together with a policy domain and/or realm, and the time duration value in a cache 215 ( FIG. 2 ).
  • a routing module 205 queries the cache 215 to determine whether the cache 215 contains an entry having a policy domain and/or policy realm corresponding to the policy request to be sent.
  • the routing module 205 determines whether the time period specified in the response received from the policy request router 130 has expired. If the time period has not expired, the routing module 205 sends the policy request to the policy server 115 - 117 previously identified by the policy request router 130 . If the time period has expired, the routing module 205 sends the policy request to the policy request router 130 to determine the policy server 115 - 117 for the policy request.
  • One or more parameters associated with the policy request (e.g., policy realm, policy domain, the policy requestor 110 , etc.), the selected policy server 115 - 117 and the time period value (if applicable) are stored in a requestor cache 155 .
  • One or more parameters and/or values representing network state e.g., which links are functional, which links are down, etc.
  • network condition e.g., bandwidth used on each link
  • policy server states e.g., operational, down, etc.
  • policy server condition e.g., load, memory usage, etc.
  • Data may be stored in the example caches 155 and 160 using any number and/or type(s) of data structure(s).
  • the example caches 155 and 160 may be implemented using any number and/or type(s) of volatile and/or non-volatile memory(-ies), memory device(s) and/or tangible computer-readable storage medium.
  • the communication module 135 periodically and/or aperiodically polls and/or queries the policy servers 115 - 117 and/or communication system devices (e.g., routers, switches, etc.) for their state and/or condition information and updates the state cache 160 accordingly.
  • the routing engine 140 monitors the state cache 160 for a change in network and/or policy server state and/or condition. When a change is detected (e.g., a link failure, a policy server failure, etc.), the example routing engine 140 of FIG. 1 automatically determines which previous policy server selections stored in the requestor cache 155 need to be updated. Additionally or alternatively, the routing engine 140 queries each entry in the requestor cache 115 to identify entries that have or will soon expire.
  • a change e.g., a link failure, a policy server failure, etc.
  • the example routing engine 140 of FIG. 1 automatically determines which previous policy server selections stored in the requestor cache 155 need to be updated. Additionally or alternatively, the routing engine 140 queries each entry in the requestor cache 115 to identify entries that have or will soon expire.
  • the routing engine 140 For each policy server selection needing to be changed or for each entry that need to be refreshed, the routing engine 140 applies one or more of the policy routing rules 145 based on the current state 160 to select a new policy server 115 - 117 , updates the requestor cache 155 , and automatically notifies the associated policy requestor(s) 110 of the changed policy server selection.
  • the policy requestors 110 may contact the policy request router 130 for policy server 115 selections independent of and/or separately from a policy request.
  • the routing engine 140 responds with a policy server 115 - 117 for each of a plurality of policy/policy realm/policy domain combinations. Additionally or alternatively, the example routing engine 140 provides to the policy requestors 110 a multicast address for each of the plurality of policy/policy realm/policy domain combinations.
  • the policy server(s) 115 - 117 associated with each policy/policy realm/policy domain combination joins the associated multicast group using, for example, any past, present and/or future version of the Internet group management protocol (IGMP).
  • IGMP Internet group management protocol
  • a policy requestor 110 When a policy requestor 110 has a policy request to send, it broadcasts the policy request to the multicast address associated with the policy request.
  • Example methods to determine which policy server 115 - 117 handles the policy request and/or which response the policy requestor 110 considers is described in U.S. Publication No. 2009/0313372, entitled “Apparatus, Methods and Computer Program Products For Managing Network Elements and Associated Network Element Resources by Multiple Management Systems, filed Jun. 16, 2008.
  • U.S. Publication No. 2009/0313372 is hereby incorporated by reference in its entirety.
  • any of the example policy request router 130 , the example communication module 135 , the example routing engine 140 , the example policy cache 145 , the example requestor cache 155 , the example state cache 160 , the example policy requestors 110 , the example routing module 205 , the example router address 210 , and/or the example server cache 215 could be implemented by the example processor platform P 100 of FIG. 6 and/or one or more circuit(s), programmable processor(s), application specific integrated circuit(s) (ASIC(s)), programmable logic device(s) (PLD(s)) and/or field programmable logic device(s) (FPLD(s)), field-programmable gate array(s) (FPGA(s)), fuses, etc.
  • ASIC application specific integrated circuit
  • PLD programmable logic device
  • FPLD field programmable logic device
  • FPGA field-programmable gate array
  • any apparatus claim of this patent incorporating one or more of these elements is read to cover a purely software and/or firmware implementation
  • at least one of the example policy request router 130 , the example communication module 135 , the example routing engine 140 , the example policy cache 145 , the example requestor cache 155 , the example state cache 160 , the example policy requestors 110 , the example routing module 205 , the example router address 210 , and/or the example server cache 215 are hereby expressly defined to include a tangible article of manufacture such as a tangible computer-readable medium storing the firmware and/or software.
  • any of the example policy request router 130 and/or the example policy requestors 110 of FIGS. 1 and 2 may include one or more elements, processes and/or devices in addition to, or instead of, those illustrated in FIGS. 1 and 2 , and/or may include more than one of any or all of the illustrated elements, processes and devices.
  • tangible computer-readable medium is expressly defined to include any type of computer-readable medium and to expressly exclude propagating signals.
  • Example computer-readable medium include, but are not limited to, a volatile and/or non-volatile memory, a volatile and/or non-volatile memory device, a compact disc (CD), a digital versatile disc (DVD), a floppy disk, a read-only memory (ROM), a random-access memory (RAM), a programmable ROM (PROM), an electronically-programmable ROM (EPROM), an electronically-erasable PROM (EEPROM), an optical storage disk, an optical storage device, magnetic storage disk, a magnetic storage device, a cache, and/or any other storage media in which information is stored for any duration (e.g., for extended time periods, permanently, brief instances, for temporarily buffering, and/or for caching of the information) and which can be accessed by a processor, a computer and/or other machine having a processor, such as the example processor platform P 100 discussed below in connection
  • FIGS. 3 , 4 and 5 illustrate example interactions and example processes that may be embodied as machine-accessible instructions and executed by, for example, one or more processors to implement the example policy requestors 110 and/or the example policy request router 130 of FIGS. 1 and 2 .
  • a processor, a controller and/or any other suitable processing device may be used, configured and/or programmed to execute the example machine-readable instructions represented in FIGS. 3-5 .
  • the machine-readable instructions of FIGS. 3-5 may be embodied in coded instructions stored on a tangible computer-readable medium.
  • Machine-readable instructions comprise, for example, instructions that cause a processor, a computer and/or a machine having a processor to perform one or more particular processes. Alternatively, some or all of the example processes of FIGS.
  • FIGS. 3-5 may be implemented using any combination(s) of ASIC(s), PLD(s), FPLD(s), FPGA(s), discrete logic, hardware, firmware, etc. Also, some or all of the example processes of FIGS. 3-5 may be implemented manually or as any combination of any of the foregoing techniques, for example, any combination of firmware, software, discrete logic and/or hardware. Further, many other methods of implementing the example operations of FIGS. 3-5 may be employed. For example, the order of execution of the blocks may be changed, and/or one or more of the blocks described may be changed, eliminated, sub-divided, or combined. Additionally, the blocks of any or all of the example processes of FIGS. 3-5 may be carried out sequentially and/or carried out in parallel by, for example, separate processing threads, processors, devices, discrete logic, circuits, etc.
  • the illustrated example of FIG. 3 begins with the example routing module 205 of one of the policy requestors 110 determining whether the cache 215 contains a valid entry for a policy request (block 305 ). If the cache 215 does not contain a valid entry (block 305 ), the routing module 205 sends the policy request 310 to the policy request router 130 .
  • the routing engine 140 applies one or more of the policy routing rules 145 to select a policy server 115 - 117 for the policy request 310 (block 315 ).
  • An example process that may be carried out by the example routing engine 140 to select the policy server 115 - 117 is illustrated in FIG. 5 .
  • the routing engine 140 returns to the policy requestor 110 an identifier 320 representing the selected policy server 115 - 117 .
  • the routing module 205 stores the identifier 320 in the server cache 215 (block 325 ) and sends the policy request 310 to the selected policy server 115 - 117 based on the received identifier 320 . Control then exits from the example process of FIG. 3 .
  • the routing module 205 sends the policy request 310 to the policy server 115 - 117 without consulting the policy request router 130 . Control then exits from the example process of FIG. 3 .
  • the illustrated example of FIG. 4 begins with the example communication module 135 collecting network and/or policy server state information (block 405 ). If the routing engine 140 determines a state change has occurred that would result in selection of a different policy server 115 - 117 (block 410 ), the routing engine 140 applies one or more of the policy routing rules 145 to select a new policy server 115 - 117 for the policy request 310 (block 415 ). An example process that may be carried out by the example routing engine 140 to select the policy server 115 - 117 is illustrated in FIG. 5 . The routing engine 140 provides to the policy requestor 110 an identifier 420 representing the selected policy server 115 - 117 . The routing module 205 stores the identifier 420 in the server cache 215 (block 425 ). Control then returns to block 405 to continue collecting network and/or policy server state information.
  • the example process of FIG. 5 begins with the example routing engine 140 determining a policy realm (block 505 ) and a policy domain (block 510 ) for a received policy request (e.g., the example policy request 310 of FIG. 3 ).
  • the routing engine 140 retrieves from the policy routing rules cache 145 the policy routing rules applicable to the policy realm and policy domain (block 515 ).
  • the routing engine 140 applies the policy routing rules to the state information 160 and the policy request to identify a target policy server 115 - 117 (block 520 ). If applicable, the routing engine 140 selects and/or determines a valid time period for the target policy server 115 - 117 (block 525 ).
  • the routing engine 140 forms a response (e.g., the example response 320 of FIG.
  • an identifier e.g., a URL, a domain name, an IP address, etc.
  • a time period value if applicable
  • FIG. 6 is a block diagram of an example processor platform P 100 that may be used and/or programmed to execute the example interactions and/or the example instructions of FIGS. 3-5 to implement any of the example policy requestors 110 and the example policy request routers 130 of FIGS. 1 and 2 .
  • One or more general-purpose processors, processor cores, microcontrollers, etc may be used to implement the processor platform P 100 .
  • the processor platform P 100 can be, for example, a server, a workstation, a router, a network switch, and/or any other type of computing device containing a processor.
  • the processor platform P 100 of the instant example includes at least one programmable processor P 105 .
  • the processor P 105 executes coded instructions P 110 and/or P 112 present in main memory of the processor P 105 (e.g., within a RAM P 115 and/or a ROM P 120 ).
  • the processor P 105 may be any type of processing unit, such as a processor core, a processor and/or a microcontroller.
  • the processor P 105 may execute, among other things, the example machine-accessible instructions of FIGS. 3-5 to implement route policy requests.
  • the coded instructions P 110 , P 112 may include the example instructions of FIGS. 3-5 .
  • the processor P 105 is in communication with the main memory including a ROM P 110 and the RAM P 115 via a bus P 125 .
  • the RAM P 115 may be implemented by Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM) and/or any other type of RAM device.
  • the ROM P 110 may be implemented by flash memory and/or any other desired type of memory device. Access to the memory P 115 and the memory P 120 may be controlled by a memory controller.
  • the example memory P 115 and P 120 may be used to, for example, store the example caches 145 , 155 , 160 and 215 of FIGS. 1 and 2 and/or the example router address 210 of FIG. 2 .
  • the processor platform P 100 also includes an interface circuit P 130 .
  • Any type of interface standard such as an external memory interface, serial port, general-purpose input/output, as an Ethernet interface, a universal serial bus (USB), and/or a PCI express interface, etc, may implement the interface circuit P 130 .
  • One or more input devices P 135 may be connected to the interface circuit P 130 .
  • the input device(s) P 135 may be used to, for example, permit a user to enter data and commands into the processor P 105 .
  • the input device(s) P 135 can be implemented by, for example, a keyboard, a mouse, a touchscreen, a track-pad, and/or a trackball.
  • One or more output devices P 140 are also connected to the interface circuit 1020 .
  • the output devices P 140 can be implemented, for example, by display devices (e.g., a liquid crystal display, a cathode ray tube display (CRT), and/or a printer).
  • the interface circuit P 130 may, thus, include a graphics driver card.
  • the interface circuit P 130 may also includes one or more communication device(s) 145 such as a network interface card to facilitate exchange of data with external computers via a network.
  • the communication device(s) 145 may implement the example communication modules 135 of FIG. 1 .
  • the processor platform P 100 also includes one or more storage devices P 150 to store software and data.
  • storage devices P 150 include a floppy disk drive, a hard disk drive, a solid-state hard disk drive, a CD drive, a DVD drive and/or any other solid-state, magnetic and/or optical storage device.
  • the example storage 150 may be used to, for example, store the example caches 145 , 155 , 160 and 215 of FIGS. 1 and 2 , the example router address 210 of FIG. 2 , and/or the example coded instructions of FIGS. 3-5 .

Abstract

Example methods, apparatus and articles of manufacture to route policy requests are disclosed. A disclosed example method includes receiving, at a policy request router, a policy request from a policy requestor, applying, at the policy request router, a rule to a parameter representing a network condition to select a policy server for the policy request, and sending from the policy request router to the policy requestor an identifier representing the policy server, the policy requestor to send the policy request to the policy server based on the identifier, the policy server to enforce a policy associated with the policy request.

Description

    FIELD OF THE DISCLOSURE
  • This disclosure relates generally to policy requests, and, more particularly, to methods, apparatus and articles of manufacture to route policy requests.
    • BACKGROUND
  • In general, a policy represents and/or defines one or more rules that are applied to determine present and future decisions and/or actions. In communication networks and/or systems, policies represent and/or define rules that are applied to administer, manage and/or control access to communication resources.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a schematic illustration of an example communication system implemented in accordance with the teachings of this disclosure.
  • FIG. 2 illustrates an example manner of implementing any of the example policy requestors of FIG. 1.
  • FIGS. 3-5 illustrate example interactions and example processes that may be embodied as machine-accessible instructions and executed by, for example, one or more processors to implement the example policy requestors and/or the example policy request router of FIGS. 1 and 2.
  • FIG. 6 is a schematic illustration of an example processor platform that may be used and/or programmed to execute the example machine-accessible instructions represented by FIGS. 3-5 to implement the example network of FIG. 1.
    •  DETAILED DESCRIPTION
  • Example methods, apparatus and articles of manufacture to route policy requests are disclosed. A disclosed example method includes receiving, at a policy request router, a policy request from a policy requestor, applying, at the policy request router, a rule to a parameter representing a network condition to select a policy server for the policy request, and sending from the policy request router to the policy requestor an identifier representing the policy server, the policy requestor to send the policy request to the policy server based on the identifier, the policy server to enforce a policy associated with the policy request.
  • A disclosed example policy request routing apparatus includes a communication module to receive a policy request from a policy requestor, and a decision engine to apply a rule to a value representing a network condition to select a policy server for the policy request, and send from the policy request router to the policy requestor an identifier representing the policy server, the policy requestor to send the policy request to the policy server based on the identifier, the policy server to enforce a policy associated with the policy request.
  • Another disclosed example method includes sending a policy request to a policy request router, receiving from the policy request router an identifier representing a policy server, and sending the policy request to the policy server based on the identifier, the policy server to enforce a policy associated with the policy request.
  • A disclosed example policy request apparatus includes a computer-readable storage medium to store a provisioned address of a policy request router, and a policy request routing module to send a policy request to the policy request router based on the provisioned address, receive from the policy request router an identifier representing a policy server, and send the policy request to the policy server based on the received identifier, the policy server to enforce a policy associated with the policy request.
  • FIG. 1 illustrates an example communication system 100. To implement, apply and/or utilize policies, the example communication system 100 of FIG. 1 implements any number and/or type(s) of communication devices 105-107 including a respective policy requestor 110, any number and/or type(s) of policy servers 115-117, and any number and/or type(s) of policy enforcers 118. While in FIG. 1 the policy requestors 110, the policy servers 115-117 and the policy enforcers 118 are depicted separately, in some examples, a particular communication device may implement any combination of a policy requestor 110 and a policy enforcer 118, a policy server 115-117 and a policy enforcer 118. Further, a policy requestor 110, a policy server 115-117 and a policy enforcer 118 may be communicatively coupled via a transport plane, a signaling plane and/or a control plane of the example communication system 100.
  • In the illustrated example of FIG. 1, the communication devices 105-107 of FIG. 1 are communicatively coupled to the example policy servers 115-117 and the policy enforcer 118 via any number and/or type(s) of public and/or private communication network(s) 120. The example network 120 includes transport, signaling and/or control planes. The example policy servers 115-117 of FIG. 1 make policy decisions for or on behalf other network or communication devices of the communication system 100, such as the example devices 105-107 and/or the example policy enforcer 118. A policy requestor 110 sends a policy request to a policy server 115-117 to trigger the policy server 115-117 to apply one or more policies for and/or on behalf of the device 105-107 associated with the policy requestor 110. Example policies that may be applied include, but are not limited to, quality of service (QoS) policies, security policies, remote access policies, and/or user authentication policies. For example, the policy requestor 110 of the example device 105 may send a network access request to one of the policy servers 115-117 to authenticate and/or authorize a user associated with the device 105 for access to the communication system 100.
  • Example communication devices 105-107 include, but are not limited to, a wireless user endpoint (e.g., a smartphone), a session border controller (SBC), an application or service element (e.g., a server, a module, etc.), a gateway general packet radio service (GPRS) support node (GGSN), a broadband remote access server (BRAS), a digital subscriber line access multiplexer (DSLAM), a feature server, a call session control function server, a residential gateway (RG) and/or any other number and/or type(s) of home network and/or communication devices. A communication device 105-107 may be implemented as hardware or any combination of hardware, software and firmware.
  • In general, policy enforcers 118 are implemented at, in and/or by network elements that traverse user data packets, signaling packets and/or control packets. Example policy enforcers 118 include, but are not limited to,), an SBC, an application or service element (e.g., a server, a module, etc.), a GGSN, a BRAS, a DSLAM, a media gateway, a feature server and/or a call session control function server. In some examples, a policy enforcer 118 comprises a logical entity embodied as machine-accessible instructions and executing on one or more processors of, for example, a server, router, gateway, control, signaling or any other communication service providing device.
  • Example policy servers 115-117 include, but are not limited to, a policy and charging rules function (PCRF), a service policy decision function (S-PDF), a policy decision functional element (PD-FE), or any other centralized server and/or workstation, and/or distributed servers and/or workstations. In some examples, a policy server 115-117 comprises a policy decision function (PDF) or a policy decision point (PDP) implemented as a logical entity embodied as machine-accessible instructions and executing on one or more processors of, for example, a server, router, gateway or any other communication service providing device. As shown in FIG. 1, a policy server 115-117 may query and/or consult a user policy database (UPD) 125 such as a subscription profile repository (SPR), a home subscriber server (HSS) and/or a common customer profile (CCP) during application of a policy.
  • Traditionally, the policy server 115-117 to which a policy requestor 110 sends a particular type of policy request is statically provisioned, associated with and/or configured into the policy requestor 110 and/or into the device 105-107 associated with the policy requestor 110. However, as the size of communication networks grow and/or the number of policies to be applied increases, the static configuration/association or assignment of policy servers 115-117 becomes impractical. Moreover, the static configuration or assignment/association of policy requestors 110 to policy servers 115-117 does not accommodate changing network and/or policy server states and/or conditions including, for example, downtime during scheduled, unexpected maintenance and/or troubleshooting that may prevent a policy requestor 110 from being able to communicate with its assigned policy server(s) 115-117.
  • To overcome at least these problems, the example communication system 100 of FIG. 1 includes a policy request router 130. While a single policy request router 130 is depicted in FIG. 1, a communication system may include more than one policy request router 130. Rather than the traditional approach of a policy requestor 110 being statically configured to a particular policy server 115-117, a routing module 205 of the example policy requestors 110 of FIG. 1 (FIG. 2) sends policy requests to the example policy request router 130. In some examples, an address, domain name and/or uniform resource locator (URL) for the policy request router 130 is stored in a non-volatile memory and/or storage device 210 (FIG. 2) of the policy requestor 110.
  • To allow the policy request router 130 to communicate with the example policy requestors 110, the example policy request router 130 of FIG. 1 includes any number and/or type(s) of communication modules 135. To make policy routing decisions, the example policy request router 130 of FIG. 1 includes a routing engine 140. When a policy request is received from a policy requestor 110 via the example communication module 135, the example routing engine 140 of FIG. 1 applies one or more policy routing rules 145 to determine or select a target policy server 115-117 for the policy request. The example routing engine 140 sends, via the communication module 135, a response to the policy requestor 110 identifying the selected policy server 115-117. The routing module 205 subsequently sends the policy request to the identified policy server 115-117 to trigger application of one or more policies associated with the policy request. Alternatively, the routing engine 140 forwards the policy request to the selected target policy server 115-117 on behalf of the policy requestor 110. As described below, a policy request belonging to the same policy realm and/or same policy domain may be sent to the identified policy server 115-117 by the policy requestor 110 without having to consult the policy request router 130. As used herein, a policy realm refers or corresponds to a usage area or a policy type, and a policy domain refers or corresponds to any other sort of policy division or categorization. In some examples, policy realms and/or policy domains correspond to network realms and/or network domains. In some examples, the routing engine 140 identifies the policy server 115-117 to the policy requestor 110 by providing at least one of a URL, a domain name, or an Internet protocol (IP) address for the selected policy server 115-117. The policy routing rules 145 applied by the routing engine 140 are different from the policies applied by the policy server 115-117 and/or the policy enforcer 118. In some examples, a policy requestor 110 and/or a policy server 115-117 may exchange any number and/or type(s) of additional or alternative messages such as a keep-alive message, a backoff message, an ACK message, etc.
  • The example routing engine 140 of FIG. 1 applies one or more of the example policy routing rule(s) 145 to, for example, a policy type or policy realm associated with the policy request (e.g., QoS, security, authentication, business support system (BSS)/operation support system (OSS), content delivery network (CDN), application, etc.), a policy domain associated with the policy request (e.g., a location, a geographic area, a functional area, a technology area, a business area, a customer type, a customer group, a vendor or set of vendors, a technology or set of technologies, an IP address, an IP network, an IP subnet, etc.), a network condition (e.g., link availability, bandwidth availability, etc.), a policy server 115-117 condition (e.g., load, available memory, etc.) etc. to dynamically select the target policy server 115-117 for the policy request. As used herein the term “network condition” refers to any number and/or type(s) of parameters, values, flags and/or indicators that individually or collectively represent an operational state of the network 120 at any or all of a transport plane, a signaling plane and/or a control plane. A network condition may represent whether or not any or all of a transport plane, a signaling plane or a control plane of the network 120 are operating as intended, and/or characterize how well a transport plane, a signaling plane or a control plane of the network 120 are operating. A network condition may, for example, represent the state of logical and/or physical devices, interfaces, routes, and/or communication links. Example network conditions include, but are not limited to, link operational, link down, link up, link available, bandwidth availability, server up, server down, server load, server memory consumption, a security state, an application state, and/or a service state. The example policy routing rules 145 of FIG. 1 may be expressed using if-then, input-while-then, and/or event-condition-action (ECA) expressions. The “if,” “input,” “while,” “event,” “condition” and/or “action” portions of such rules may include more than one sub-expression. Further, such portions or sub-expressions may include computations, comparisons, algorithms and/or thresholds. An example input-while-then rule 145 is “policy request corresponds to policy realm #1, while device 105-107 is in geographic area #3 and load on policy server #9 is less than L, then select policy server #9.” The “while” portion of such rules distinguishes the example policy routing rules 145 from a table look-up. For example, a proxy call session control function (P-CSCF) server in an IP multimedia subsystem (IMS) network consults a static list or table to identify the serving call session control function (S-CSCF) server and the interrogating call session control function (I-CSCF) server assigned to a user endpoint device. The determination of the S-CSCF and I-CSCF servers by the P-CSCF server clearly does not depend on any dynamic network conditions, computations, comparisons, rules, algorithms or thresholds.
  • In some examples, the routing engine 140 implements multiple decision modes. For example, when available information is determinative, then the policy routing rules 145 are applied and result in the selection of a single target policy server 115-117. When available information is not fully determinative (e.g., the rules 145 result in the identification of multiple policy servers 115-117), the routing engine 140 selects the best target policy server 115-117 from the multiple identified policy servers 115-117. When available information is barely determinative (e.g., significant uncertainty in which policy server 115-117 to select), the routing engine 140 selects the best policy server 115-117 and notifies a management system (not shown).
  • Policy routing rules may be stored in, for example, a cache using any number and/or type(s) of data structure(s). The policy routing rules 145 may be implemented by any number and/or type(s) of volatile and/or non-volatile memory(-ies), memory device(s) and/or tangible computer-readable storage medium.
  • Rules stored in the example cache 145 of FIG. 1 may be received from any number and/or type(s) of policy distributors 150. The example policy distributor 150 of FIG. 1 implements any number and/or type(s) of graphical user interface(s) to enable a person (e.g., a technician, a network operator, etc.) to dynamically create, define, delete, and/or modify policy routing rules. The graphic user interface(s) also enable the user to update the policy routing rules cache 145 while the example policy request router 130 is operating. In some examples, the example distributor 150 of FIG. 1 provides the rules implemented by the example policy servers 115-117.
  • In some examples, each of the policy servers 115-117 implement different policies, although any of the policy servers 115-117 may implement more than one policy. Accordingly, the example policy request router 130 of FIG. 1 differs from a load balancer, which routes policy requests to different policy servers to balance the processing, memory and/or storage loads of the policy servers 115-117. Moreover, a load balancer forwards the policy request to the selected policy server 115-117 on behalf of the policy requestor 110, and does not return an identifier for the selected policy server 115-117 to the policy requestor 110.
  • In some examples, the routing engine 140 of FIG. 1 also returns to the policy requestor 110 a value representing a time duration or time period for which the identified policy server 115-117 may be used by the policy requestor 110 without having to consult the policy request router 130. For example, when a response is received at the routing module 205 (FIG. 2) from the routing engine 140, the routing module 205 stores the policy server identifier together with a policy domain and/or realm, and the time duration value in a cache 215 (FIG. 2). When a subsequent policy request is to be sent, a routing module 205 queries the cache 215 to determine whether the cache 215 contains an entry having a policy domain and/or policy realm corresponding to the policy request to be sent. If a cache entry is identified, the routing module 205 determines whether the time period specified in the response received from the policy request router 130 has expired. If the time period has not expired, the routing module 205 sends the policy request to the policy server 115-117 previously identified by the policy request router 130. If the time period has expired, the routing module 205 sends the policy request to the policy request router 130 to determine the policy server 115-117 for the policy request.
  • One or more parameters associated with the policy request (e.g., policy realm, policy domain, the policy requestor 110, etc.), the selected policy server 115-117 and the time period value (if applicable) are stored in a requestor cache 155. One or more parameters and/or values representing network state (e.g., which links are functional, which links are down, etc.), network condition (e.g., bandwidth used on each link), policy server states (e.g., operational, down, etc.) and/or policy server condition (e.g., load, memory usage, etc.) used to select a policy server 115-117 are stored in a state cache 160. Data may be stored in the example caches 155 and 160 using any number and/or type(s) of data structure(s). The example caches 155 and 160 may be implemented using any number and/or type(s) of volatile and/or non-volatile memory(-ies), memory device(s) and/or tangible computer-readable storage medium. In some examples, the communication module 135 periodically and/or aperiodically polls and/or queries the policy servers 115-117 and/or communication system devices (e.g., routers, switches, etc.) for their state and/or condition information and updates the state cache 160 accordingly.
  • In some examples, the routing engine 140 monitors the state cache 160 for a change in network and/or policy server state and/or condition. When a change is detected (e.g., a link failure, a policy server failure, etc.), the example routing engine 140 of FIG. 1 automatically determines which previous policy server selections stored in the requestor cache 155 need to be updated. Additionally or alternatively, the routing engine 140 queries each entry in the requestor cache 115 to identify entries that have or will soon expire. For each policy server selection needing to be changed or for each entry that need to be refreshed, the routing engine 140 applies one or more of the policy routing rules 145 based on the current state 160 to select a new policy server 115-117, updates the requestor cache 155, and automatically notifies the associated policy requestor(s) 110 of the changed policy server selection.
  • In some examples, the policy requestors 110 may contact the policy request router 130 for policy server 115 selections independent of and/or separately from a policy request. The routing engine 140 responds with a policy server 115-117 for each of a plurality of policy/policy realm/policy domain combinations. Additionally or alternatively, the example routing engine 140 provides to the policy requestors 110 a multicast address for each of the plurality of policy/policy realm/policy domain combinations. The policy server(s) 115-117 associated with each policy/policy realm/policy domain combination joins the associated multicast group using, for example, any past, present and/or future version of the Internet group management protocol (IGMP). When a policy requestor 110 has a policy request to send, it broadcasts the policy request to the multicast address associated with the policy request. Example methods to determine which policy server 115-117 handles the policy request and/or which response the policy requestor 110 considers is described in U.S. Publication No. 2009/0313372, entitled “Apparatus, Methods and Computer Program Products For Managing Network Elements and Associated Network Element Resources by Multiple Management Systems, filed Jun. 16, 2008. U.S. Publication No. 2009/0313372 is hereby incorporated by reference in its entirety.
  • While an example manner of implementing the example policy request router 130 and the example policy requestors 110 have been illustrated in FIGS. 1 and 2, one or more of the elements, processes and/or devices illustrated in FIGS. 1 and 2 may be combined, divided, re-arranged, omitted, eliminated and/or implemented in any other way. Further, the example policy request router 130, the example communication module 135, the example routing engine 140, the example policy cache 145, the example requestor cache 155, the example state cache 160, the example policy requestors 110, the example routing module 205, the example router address 210, and/or the example server cache 215 of FIGS. 1 and 2 may be implemented by hardware, software, firmware and/or any combination of hardware, software and/or firmware. Thus, for example, any of the example policy request router 130, the example communication module 135, the example routing engine 140, the example policy cache 145, the example requestor cache 155, the example state cache 160, the example policy requestors 110, the example routing module 205, the example router address 210, and/or the example server cache 215 could be implemented by the example processor platform P100 of FIG. 6 and/or one or more circuit(s), programmable processor(s), application specific integrated circuit(s) (ASIC(s)), programmable logic device(s) (PLD(s)) and/or field programmable logic device(s) (FPLD(s)), field-programmable gate array(s) (FPGA(s)), fuses, etc. When any apparatus claim of this patent incorporating one or more of these elements is read to cover a purely software and/or firmware implementation, at least one of the example policy request router 130, the example communication module 135, the example routing engine 140, the example policy cache 145, the example requestor cache 155, the example state cache 160, the example policy requestors 110, the example routing module 205, the example router address 210, and/or the example server cache 215 are hereby expressly defined to include a tangible article of manufacture such as a tangible computer-readable medium storing the firmware and/or software. Further still, any of the example policy request router 130 and/or the example policy requestors 110 of FIGS. 1 and 2 may include one or more elements, processes and/or devices in addition to, or instead of, those illustrated in FIGS. 1 and 2, and/or may include more than one of any or all of the illustrated elements, processes and devices.
  • As used herein, the term tangible computer-readable medium is expressly defined to include any type of computer-readable medium and to expressly exclude propagating signals. Example computer-readable medium include, but are not limited to, a volatile and/or non-volatile memory, a volatile and/or non-volatile memory device, a compact disc (CD), a digital versatile disc (DVD), a floppy disk, a read-only memory (ROM), a random-access memory (RAM), a programmable ROM (PROM), an electronically-programmable ROM (EPROM), an electronically-erasable PROM (EEPROM), an optical storage disk, an optical storage device, magnetic storage disk, a magnetic storage device, a cache, and/or any other storage media in which information is stored for any duration (e.g., for extended time periods, permanently, brief instances, for temporarily buffering, and/or for caching of the information) and which can be accessed by a processor, a computer and/or other machine having a processor, such as the example processor platform P100 discussed below in connection with FIG. 4. As used herein, the term non-transitory computer-readable medium is expressly defined to include any type of computer-readable medium and to exclude propagating signals.
  • FIGS. 3, 4 and 5 illustrate example interactions and example processes that may be embodied as machine-accessible instructions and executed by, for example, one or more processors to implement the example policy requestors 110 and/or the example policy request router 130 of FIGS. 1 and 2. A processor, a controller and/or any other suitable processing device may be used, configured and/or programmed to execute the example machine-readable instructions represented in FIGS. 3-5. For example, the machine-readable instructions of FIGS. 3-5 may be embodied in coded instructions stored on a tangible computer-readable medium. Machine-readable instructions comprise, for example, instructions that cause a processor, a computer and/or a machine having a processor to perform one or more particular processes. Alternatively, some or all of the example processes of FIGS. 3-5 may be implemented using any combination(s) of ASIC(s), PLD(s), FPLD(s), FPGA(s), discrete logic, hardware, firmware, etc. Also, some or all of the example processes of FIGS. 3-5 may be implemented manually or as any combination of any of the foregoing techniques, for example, any combination of firmware, software, discrete logic and/or hardware. Further, many other methods of implementing the example operations of FIGS. 3-5 may be employed. For example, the order of execution of the blocks may be changed, and/or one or more of the blocks described may be changed, eliminated, sub-divided, or combined. Additionally, the blocks of any or all of the example processes of FIGS. 3-5 may be carried out sequentially and/or carried out in parallel by, for example, separate processing threads, processors, devices, discrete logic, circuits, etc.
  • The illustrated example of FIG. 3 begins with the example routing module 205 of one of the policy requestors 110 determining whether the cache 215 contains a valid entry for a policy request (block 305). If the cache 215 does not contain a valid entry (block 305), the routing module 205 sends the policy request 310 to the policy request router 130.
  • The routing engine 140 applies one or more of the policy routing rules 145 to select a policy server 115-117 for the policy request 310 (block 315). An example process that may be carried out by the example routing engine 140 to select the policy server 115-117 is illustrated in FIG. 5. The routing engine 140 returns to the policy requestor 110 an identifier 320 representing the selected policy server 115-117. The routing module 205 stores the identifier 320 in the server cache 215 (block 325) and sends the policy request 310 to the selected policy server 115-117 based on the received identifier 320. Control then exits from the example process of FIG. 3.
  • Returning to block 305, if the cache 215 contains a valid entry for the policy request 310 (block 305), the routing module 205 sends the policy request 310 to the policy server 115-117 without consulting the policy request router 130. Control then exits from the example process of FIG. 3.
  • The illustrated example of FIG. 4 begins with the example communication module 135 collecting network and/or policy server state information (block 405). If the routing engine 140 determines a state change has occurred that would result in selection of a different policy server 115-117 (block 410), the routing engine 140 applies one or more of the policy routing rules 145 to select a new policy server 115-117 for the policy request 310 (block 415). An example process that may be carried out by the example routing engine 140 to select the policy server 115-117 is illustrated in FIG. 5. The routing engine 140 provides to the policy requestor 110 an identifier 420 representing the selected policy server 115-117. The routing module 205 stores the identifier 420 in the server cache 215 (block 425). Control then returns to block 405 to continue collecting network and/or policy server state information.
  • The example process of FIG. 5 begins with the example routing engine 140 determining a policy realm (block 505) and a policy domain (block 510) for a received policy request (e.g., the example policy request 310 of FIG. 3). The routing engine 140 retrieves from the policy routing rules cache 145 the policy routing rules applicable to the policy realm and policy domain (block 515). The routing engine 140 applies the policy routing rules to the state information 160 and the policy request to identify a target policy server 115-117 (block 520). If applicable, the routing engine 140 selects and/or determines a valid time period for the target policy server 115-117 (block 525). The routing engine 140 forms a response (e.g., the example response 320 of FIG. 3) containing an identifier (e.g., a URL, a domain name, an IP address, etc.) representing the target policy server 115-117 and a time period value (if applicable) (block 530), and sends the response to the policy requestor 110 (block 535). Control then exits from the example process of FIG. 5.
  • FIG. 6 is a block diagram of an example processor platform P100 that may be used and/or programmed to execute the example interactions and/or the example instructions of FIGS. 3-5 to implement any of the example policy requestors 110 and the example policy request routers 130 of FIGS. 1 and 2. One or more general-purpose processors, processor cores, microcontrollers, etc may be used to implement the processor platform P100. The processor platform P100 can be, for example, a server, a workstation, a router, a network switch, and/or any other type of computing device containing a processor.
  • The processor platform P100 of the instant example includes at least one programmable processor P105. The processor P105 executes coded instructions P110 and/or P112 present in main memory of the processor P105 (e.g., within a RAM P115 and/or a ROM P120). The processor P105 may be any type of processing unit, such as a processor core, a processor and/or a microcontroller. The processor P105 may execute, among other things, the example machine-accessible instructions of FIGS. 3-5 to implement route policy requests. Thus, the coded instructions P110, P112 may include the example instructions of FIGS. 3-5.
  • The processor P105 is in communication with the main memory including a ROM P110 and the RAM P115 via a bus P125. The RAM P115 may be implemented by Synchronous Dynamic Random Access Memory (SDRAM), Dynamic Random Access Memory (DRAM), RAMBUS Dynamic Random Access Memory (RDRAM) and/or any other type of RAM device. The ROM P110 may be implemented by flash memory and/or any other desired type of memory device. Access to the memory P115 and the memory P120 may be controlled by a memory controller. The example memory P115 and P120 may be used to, for example, store the example caches 145, 155, 160 and 215 of FIGS. 1 and 2 and/or the example router address 210 of FIG. 2.
  • The processor platform P100 also includes an interface circuit P130. Any type of interface standard, such as an external memory interface, serial port, general-purpose input/output, as an Ethernet interface, a universal serial bus (USB), and/or a PCI express interface, etc, may implement the interface circuit P130.
  • One or more input devices P135 may be connected to the interface circuit P130. The input device(s) P135 may be used to, for example, permit a user to enter data and commands into the processor P105. The input device(s) P135 can be implemented by, for example, a keyboard, a mouse, a touchscreen, a track-pad, and/or a trackball.
  • One or more output devices P140 are also connected to the interface circuit 1020. The output devices P140 can be implemented, for example, by display devices (e.g., a liquid crystal display, a cathode ray tube display (CRT), and/or a printer). The interface circuit P130 may, thus, include a graphics driver card.
  • The interface circuit P130 may also includes one or more communication device(s) 145 such as a network interface card to facilitate exchange of data with external computers via a network. For example, the communication device(s) 145 may implement the example communication modules 135 of FIG. 1.
  • In some examples, the processor platform P100 also includes one or more storage devices P150 to store software and data. Examples of such storage devices P150 include a floppy disk drive, a hard disk drive, a solid-state hard disk drive, a CD drive, a DVD drive and/or any other solid-state, magnetic and/or optical storage device. The example storage 150 may be used to, for example, store the example caches 145, 155, 160 and 215 of FIGS. 1 and 2, the example router address 210 of FIG. 2, and/or the example coded instructions of FIGS. 3-5.
  • Although certain example methods, apparatus and articles of manufacture have been described herein, the scope of coverage of this patent is not limited thereto. On the contrary, this patent covers all methods, apparatus and articles of manufacture fairly falling within the scope of the claims of this patent.

Claims (20)

1. A method comprising:
receiving, at a policy request router, a policy request from a policy requestor;
applying, at the policy request router, a rule to a parameter representing a network condition to select a policy server for the policy request; and
sending from the policy request router to the policy requestor an identifier representing the policy server, the policy requestor to send the policy request to the policy server based on the identifier, the policy server to enforce a policy associated with the policy request.
2. A method as defined in claim 1, further comprising:
receiving, at the policy request router, a second policy request from the policy requestor;
applying, at the policy request router, a second rule to a second parameter representing a second network condition to select a second policy server for the second policy request, the second rule being different from the first rule; and
sending from the policy request router to the policy requestor a second identifier representing the second policy server, the second policy requestor to send the second policy request to the second policy server based on the second identifier, the second policy server to enforce a second policy associated with the second policy request, the second policy being different from the first policy.
3. A method as defined in claim 1, further comprising:
detecting a network state change; and
when the network state change is detected, applying the rule, at the policy request router, to select a second policy server for a second policy request, and sending from the policy request router to the policy requestor a second identifier representing the second policy server, the policy requestor to send the second policy request to the second policy server based on the second identifier, the second policy server to enforce the policy.
4. A method as defined in claim 1, wherein the rule comprises an if X while Y then Z rule, Y being the network condition, and X being determined based on the policy request.
5. A method as defined in claim 1, further comprising:
determining a policy realm based on the policy request;
determining a policy domain based on the policy realm; and
selecting the rule from a plurality of rules associated with the policy domain.
6. A method as defined in claim 5, wherein the policy realm comprises at least one of a quality of service realm, a security realm, or a user authentication realm.
7. A method as defined in claim 5, wherein the policy domain comprises at least one of a location, a geographic area, a customer type, a customer group, an Internet protocol address, an Internet protocol subnet, or an Internet protocol network.
8. A method as defined in claim 5, wherein the policy comprises at least one of a quality of service policy, a security policy, a remote access policy, or a user authentication policy.
9. A method as defined in claim 1, further comprising selecting a time period during which the policy requestor may send a second policy request to the policy server without first sending the second policy request to the policy request router.
10. A policy request routing apparatus comprising:
a communication module to receive a policy request from a policy requestor; and
a decision engine to apply a rule to a value representing a network condition to select a policy server for the policy request, and send from the policy request router to the policy requestor an identifier representing the policy server, the policy requestor to send the policy request to the policy server based on the identifier, the policy server to enforce a policy associated with the policy request.
11. An apparatus as defined in claim 10, further comprising a state cache to store network state information, wherein the decision engine is to:
query the state cache to detect a network state change; and
select a second policy server for a second policy request, and send to the policy requestor a second identifier representing the second policy server, the policy requestor to send the second policy request to the second policy server based on the second identifier, the second policy server to enforce the policy.
12. An apparatus as defined in claim 10, further comprising a policy cache to store policy selection rules, wherein the decision engine is to:
determine a policy domain based on the policy request; and
select the rule from the policy cache based on the policy domain.
13. An apparatus as defined in claim 12, further comprising a state cache to store network state information, wherein the decision engine is to select the network condition from the state cache based on the policy request.
14. A tangible article of manufacture storing machine-readable instructions that, when executed, cause a machine to at least:
receive, at a policy request router, a policy request from a policy requestor;
apply, at the policy request router, a rule to a parameter representing a network condition to select a policy server for the policy request; and
send from the policy request router to the policy requestor an identifier representing the policy server, the policy requestor to send the policy request to the policy server based on the identifier, the policy server to enforce a policy associated with the policy request.
15. A tangible article of manufacture as defined in claim 14, wherein the machine-readable instructions, when executed, cause the machine to:
receive, at the policy request router, a second policy request from the policy requestor;
apply, at the policy request router, a second rule to a second parameter representing a second network condition to select a second policy server for the second policy request, the second rule being different from the first rule; and
send from the policy request router to the policy requestor a second identifier representing the second policy server, the second policy requestor to send the second policy request to the second policy server based on the second identifier, the second policy server to enforce a second policy associated with the second policy request, the second policy being different from the first policy.
16. A tangible article of manufacture as defined in claim 14, wherein the machine-readable instructions, when executed, cause the machine to:
detect a network state change; and
when the network state change is detected, apply the rule, at the policy request router, to select a second policy server for a second policy request, and sending from the policy request router to the policy requestor a second identifier representing the second policy server, the policy requestor to send the second policy request to the second policy server based on the second identifier, the second policy server to enforce the policy.
17. A tangible article of manufacture as defined in claim 14, wherein the rule comprises an if X while Y then Z rule, Y being the network condition, and X being determined based on the policy request.
18. A tangible article of manufacture as defined in claim 14, wherein the machine-readable instructions, when executed, cause the machine to:
determine a policy realm based on the policy request;
determine a policy domain based on the policy realm; and
select the rule from a plurality of rules associated with the policy domain.
19. A tangible article of manufacture as defined in claim 14, wherein the machine-readable instructions, when executed, cause the machine to select a time period during which the policy requestor may send a second policy request to the policy server without first sending the second policy request to the policy request router.
20-39. (canceled)
US12/915,672 2010-10-29 2010-10-29 Method, policy request router, and machine-readable hardware storage device to select a policy server based on a network condition to receive policy requests for a duration Active 2032-08-22 US8880666B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US12/915,672 US8880666B2 (en) 2010-10-29 2010-10-29 Method, policy request router, and machine-readable hardware storage device to select a policy server based on a network condition to receive policy requests for a duration

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US12/915,672 US8880666B2 (en) 2010-10-29 2010-10-29 Method, policy request router, and machine-readable hardware storage device to select a policy server based on a network condition to receive policy requests for a duration

Publications (2)

Publication Number Publication Date
US20120110128A1 true US20120110128A1 (en) 2012-05-03
US8880666B2 US8880666B2 (en) 2014-11-04

Family

ID=45997890

Family Applications (1)

Application Number Title Priority Date Filing Date
US12/915,672 Active 2032-08-22 US8880666B2 (en) 2010-10-29 2010-10-29 Method, policy request router, and machine-readable hardware storage device to select a policy server based on a network condition to receive policy requests for a duration

Country Status (1)

Country Link
US (1) US8880666B2 (en)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110282981A1 (en) * 2010-05-11 2011-11-17 Alcatel-Lucent Canada Inc. Behavioral rule results
US20120198038A1 (en) * 2011-01-30 2012-08-02 Blue Coat Systems, Inc. System and method for distributing heuristics to network intermediary devices
US20130007221A1 (en) * 2011-06-29 2013-01-03 Instart Inc. Application acceleration
US20130077536A1 (en) * 2011-09-23 2013-03-28 Rave Wireless, Inc. Routing engine for emergency communications
US20130174218A1 (en) * 2011-01-25 2013-07-04 Nec Corporation Security policy enforcement system and security policy enforcement method
US20140082169A1 (en) * 2012-09-19 2014-03-20 Oracle International Corporation Execution framework for policy management
US20140164645A1 (en) * 2012-12-06 2014-06-12 Microsoft Corporation Routing table maintenance
US20140181267A1 (en) * 2012-12-22 2014-06-26 Edgewater Networks, Inc. Methods and systems to split equipment control between local and remote processing units
US9521214B2 (en) 2011-09-20 2016-12-13 Instart Logic, Inc. Application acceleration with partial file caching
EP3025548A4 (en) * 2014-01-29 2017-03-08 MediaTek Inc. Method of offload selection inheterogeneous wireless communication networks
US9680925B2 (en) 2012-01-09 2017-06-13 At&T Intellectual Property I, L. P. Methods and apparatus to route message traffic using tiered affinity-based message routing
WO2017142770A1 (en) * 2016-02-17 2017-08-24 Microsoft Technology Licensing, Llc Transfer of control of configuration sources
CN110213131A (en) * 2019-06-05 2019-09-06 腾讯科技(深圳)有限公司 Bandwidth determining method, device, computer equipment and storage medium
US10681009B2 (en) * 2013-01-11 2020-06-09 Centripetal Networks, Inc. Rule swapping in a packet network
US10965548B2 (en) * 2019-02-27 2021-03-30 Bank Of America Corporation Network operational decision engine
CN115102902A (en) * 2022-06-21 2022-09-23 北京天融信网络安全技术有限公司 Automatic switching method, device and analysis method for control strategy routing
US11832155B1 (en) * 2021-06-11 2023-11-28 T-Mobile Innovations Llc Consistent policy enforcement across networks

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013070232A1 (en) * 2011-11-10 2013-05-16 Assia, Inc. Method, apparatus, and system for optimizing performance of a communication unit by a remote server
US9819595B2 (en) 2011-12-05 2017-11-14 John Cioffi Systems and methods for traffic aggregation on multiple WAN backhauls and multiple distinct LAN networks
EP3806397B1 (en) 2014-12-04 2023-11-22 Assia Spe, Llc Method and apparatus for predicting successful dsl line optimization
CN105471747B (en) * 2015-11-25 2019-04-16 武汉烽火网络有限责任公司 A kind of intelligent router route selecting method and device
US10567388B1 (en) 2016-03-31 2020-02-18 Amazon Technologies, Inc. Automatic account resource and policy decommissioning
US9948681B1 (en) * 2016-03-31 2018-04-17 Amazon Technologies, Inc. Access control monitoring through policy management

Citations (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5341477A (en) * 1989-02-24 1994-08-23 Digital Equipment Corporation Broker for computer network server selection
US5751963A (en) * 1996-03-29 1998-05-12 Mitsubishi Denki Kabushiki Kaisha Hierarchical network management system operating as a proxy agent for enhancing processing efficiency
US20020046284A1 (en) * 2000-08-24 2002-04-18 Brabson Roy Frank Methods, systems and computer program products for providing transactional quality of service
US20020059428A1 (en) * 1998-11-10 2002-05-16 Netscaler, Inc. Internet client-server multiplexer
US20020065922A1 (en) * 2000-11-30 2002-05-30 Vijnan Shastri Method and apparatus for selection and redirection of an existing client-server connection to an alternate data server hosted on a data packet network (DPN) based on performance comparisons
US20020087657A1 (en) * 2000-12-28 2002-07-04 Hunt Galen C. Stateless distributed computer architecture with server-oriented state-caching objects maintained on network or client
US20020138551A1 (en) * 2001-02-13 2002-09-26 Aventail Corporation Distributed cache for state transfer operations
US20030065762A1 (en) * 2001-09-28 2003-04-03 Cable & Wireless Internet Services, Inc. Configurable adaptive global traffic control and management
US20030229501A1 (en) * 2002-06-03 2003-12-11 Copeland Bruce Wayne Systems and methods for efficient policy distribution
US6678835B1 (en) * 1999-06-10 2004-01-13 Alcatel State transition protocol for high availability units
US20040039803A1 (en) * 2002-08-21 2004-02-26 Eddie Law Unified policy-based management system
US20040073596A1 (en) * 2002-05-14 2004-04-15 Kloninger John Josef Enterprise content delivery network having a central controller for coordinating a set of content servers
US6735701B1 (en) * 1998-06-25 2004-05-11 Macarthur Investments, Llc Network policy management and effectiveness system
US6738908B1 (en) * 1999-05-06 2004-05-18 Watchguard Technologies, Inc. Generalized network security policy templates for implementing similar network security policies across multiple networks
US20040181689A1 (en) * 2003-03-11 2004-09-16 Satoshi Kiyoto Peer-to-peer communication apparatus and communication method
US6820121B1 (en) * 2000-08-24 2004-11-16 International Business Machines Corporation Methods systems and computer program products for processing an event based on policy rules using hashing
US6847609B1 (en) * 1999-06-29 2005-01-25 Adc Telecommunications, Inc. Shared management of a network entity
US20050240990A1 (en) * 2004-04-22 2005-10-27 Microsoft Corporation Systems and methods for managing networks
US20050289618A1 (en) * 2004-06-29 2005-12-29 Glen Hardin Method and apparatus for network bandwidth allocation
US20060010252A1 (en) * 2004-03-04 2006-01-12 Miltonberger Thomas W Geo-location and geo-compliance utilizing a client agent
US20060167975A1 (en) * 2004-11-23 2006-07-27 Chan Alex Y Caching content and state data at a network element
US20060294575A1 (en) * 2003-09-11 2006-12-28 Rogers Paul J Method and apparatus for use in security
US20070226775A1 (en) * 2006-02-07 2007-09-27 Cisco Technology, Inc. System and Method for Enforcing Policy in a Communication Network
US20070245409A1 (en) * 2006-04-12 2007-10-18 James Harris Systems and Methods for Providing Levels of Access and Action Control Via an SSL VPN Appliance
US20080025261A1 (en) * 2006-03-17 2008-01-31 Yusun Kim Riley Distributed policy services for mobile and nomadic networking
US20080070594A1 (en) * 2006-09-15 2008-03-20 Futurewei Technologies, Inc. SYSTEM AND METHOD FOR PAGING GROUP DIFFERENTIATION BY QoS SET GROUPING
US20080215718A1 (en) * 2001-09-28 2008-09-04 Level 3 Communications, Llc Policy-based content delivery network selection
US7437441B1 (en) * 2003-02-28 2008-10-14 Microsoft Corporation Using deltas for efficient policy distribution
US20080263180A1 (en) * 2007-04-19 2008-10-23 Hurst Mark B Apparatus, system, and method for resilient content acquisition
US20100299451A1 (en) * 2007-12-01 2010-11-25 Cai Yigang Ims diameter router with load balancing
US20110058545A1 (en) * 2007-09-20 2011-03-10 Telefonaktiebolaget L M Ericsson (Publ) Policy routing in a communications network
US20110066718A1 (en) * 2000-10-18 2011-03-17 Susai Michel K Apparatus, method and computer program product for efficiently pooling connections between clients and servers
US20110294518A1 (en) * 2010-04-07 2011-12-01 Telefonaktiebolaget Lm Ericsson (Publ) Enhancement of Positioning Quality of Service
US20110314144A1 (en) * 2010-06-22 2011-12-22 Verizon Patent And Licensing, Inc. Event detection and response using rich network content
US20120084342A1 (en) * 2010-10-01 2012-04-05 At&T Intellectual Property I, L.P. Apparatus and method for managing mobile device servers
US20120151056A1 (en) * 2010-12-14 2012-06-14 Verizon Patent And Licensing, Inc. Network service admission control using dynamic network topology and capacity updates
US20130036215A1 (en) * 2011-08-05 2013-02-07 Kupinsky Stuart H Methods, systems, and computer readable media for network metadata based policy control
US20130086278A1 (en) * 2010-06-17 2013-04-04 Nokia Siemens Networks Oy Peer-to-peer system
US20130298206A1 (en) * 2010-10-01 2013-11-07 At&T Intellectual Property I, L.P. Apparatus and method for managing software applications of a mobile device server
US8584226B2 (en) * 2006-01-26 2013-11-12 Iorhythm, Inc. Method and apparatus for geographically regulating inbound and outbound network communications
US20130311549A1 (en) * 2001-12-13 2013-11-21 Rockstar Consortium Us Lp Framework for service personalization
US20140029420A1 (en) * 2012-07-25 2014-01-30 Samsung Electronics Co. Ltd. Method and apparatus for traffic offloading based on congestion in wireless communication system
US8665712B2 (en) * 2001-12-13 2014-03-04 Thomson Licensing Apparatus and methods for delayed network information transfer

Patent Citations (55)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5341477A (en) * 1989-02-24 1994-08-23 Digital Equipment Corporation Broker for computer network server selection
US5751963A (en) * 1996-03-29 1998-05-12 Mitsubishi Denki Kabushiki Kaisha Hierarchical network management system operating as a proxy agent for enhancing processing efficiency
US6735701B1 (en) * 1998-06-25 2004-05-11 Macarthur Investments, Llc Network policy management and effectiveness system
US20020147822A1 (en) * 1998-11-10 2002-10-10 Netscaler, Inc. Internet client-server multiplexer
US6411986B1 (en) * 1998-11-10 2002-06-25 Netscaler, Inc. Internet client-server multiplexer
US6954780B2 (en) * 1998-11-10 2005-10-11 Netscaler, Inc. Internet client-server multiplexer
US20020059428A1 (en) * 1998-11-10 2002-05-16 Netscaler, Inc. Internet client-server multiplexer
US6738908B1 (en) * 1999-05-06 2004-05-18 Watchguard Technologies, Inc. Generalized network security policy templates for implementing similar network security policies across multiple networks
US6678835B1 (en) * 1999-06-10 2004-01-13 Alcatel State transition protocol for high availability units
US6944183B1 (en) * 1999-06-10 2005-09-13 Alcatel Object model for network policy management
US6847609B1 (en) * 1999-06-29 2005-01-25 Adc Telecommunications, Inc. Shared management of a network entity
US7290028B2 (en) * 2000-08-24 2007-10-30 International Business Machines Corporation Methods, systems and computer program products for providing transactional quality of service
US20020046284A1 (en) * 2000-08-24 2002-04-18 Brabson Roy Frank Methods, systems and computer program products for providing transactional quality of service
US6820121B1 (en) * 2000-08-24 2004-11-16 International Business Machines Corporation Methods systems and computer program products for processing an event based on policy rules using hashing
US20110066718A1 (en) * 2000-10-18 2011-03-17 Susai Michel K Apparatus, method and computer program product for efficiently pooling connections between clients and servers
US20020065922A1 (en) * 2000-11-30 2002-05-30 Vijnan Shastri Method and apparatus for selection and redirection of an existing client-server connection to an alternate data server hosted on a data packet network (DPN) based on performance comparisons
US20020087657A1 (en) * 2000-12-28 2002-07-04 Hunt Galen C. Stateless distributed computer architecture with server-oriented state-caching objects maintained on network or client
US20020138551A1 (en) * 2001-02-13 2002-09-26 Aventail Corporation Distributed cache for state transfer operations
US20030065762A1 (en) * 2001-09-28 2003-04-03 Cable & Wireless Internet Services, Inc. Configurable adaptive global traffic control and management
US8645517B2 (en) * 2001-09-28 2014-02-04 Level 3 Communications, Llc Policy-based content delivery network selection
US20110145386A1 (en) * 2001-09-28 2011-06-16 Level 3 Communications, Llc Policy-Based Content Delivery Network Selection
US7822871B2 (en) * 2001-09-28 2010-10-26 Level 3 Communications, Llc Configurable adaptive global traffic control and management
US20080215718A1 (en) * 2001-09-28 2008-09-04 Level 3 Communications, Llc Policy-based content delivery network selection
US20080147866A1 (en) * 2001-09-28 2008-06-19 Level 3 Communications, Llc Distributing requests across multiple content delivery networks based on subscriber policy
US20130311549A1 (en) * 2001-12-13 2013-11-21 Rockstar Consortium Us Lp Framework for service personalization
US8665712B2 (en) * 2001-12-13 2014-03-04 Thomson Licensing Apparatus and methods for delayed network information transfer
US20040073596A1 (en) * 2002-05-14 2004-04-15 Kloninger John Josef Enterprise content delivery network having a central controller for coordinating a set of content servers
US20030229501A1 (en) * 2002-06-03 2003-12-11 Copeland Bruce Wayne Systems and methods for efficient policy distribution
US20040039803A1 (en) * 2002-08-21 2004-02-26 Eddie Law Unified policy-based management system
US7437441B1 (en) * 2003-02-28 2008-10-14 Microsoft Corporation Using deltas for efficient policy distribution
US7337465B2 (en) * 2003-03-11 2008-02-26 Hitachi, Ltd. Peer-to-peer communication apparatus and communication method
US20040181689A1 (en) * 2003-03-11 2004-09-16 Satoshi Kiyoto Peer-to-peer communication apparatus and communication method
US20060294575A1 (en) * 2003-09-11 2006-12-28 Rogers Paul J Method and apparatus for use in security
US20060010252A1 (en) * 2004-03-04 2006-01-12 Miltonberger Thomas W Geo-location and geo-compliance utilizing a client agent
US7685279B2 (en) * 2004-03-04 2010-03-23 Quova, Inc. Geo-location and geo-compliance utilizing a client agent
US20050240990A1 (en) * 2004-04-22 2005-10-27 Microsoft Corporation Systems and methods for managing networks
US20050289618A1 (en) * 2004-06-29 2005-12-29 Glen Hardin Method and apparatus for network bandwidth allocation
US20060167975A1 (en) * 2004-11-23 2006-07-27 Chan Alex Y Caching content and state data at a network element
US8584226B2 (en) * 2006-01-26 2013-11-12 Iorhythm, Inc. Method and apparatus for geographically regulating inbound and outbound network communications
US20070226775A1 (en) * 2006-02-07 2007-09-27 Cisco Technology, Inc. System and Method for Enforcing Policy in a Communication Network
US8042148B2 (en) * 2006-02-07 2011-10-18 Cisco Technology, Inc. System and method for enforcing policy in a communication network
US20080025261A1 (en) * 2006-03-17 2008-01-31 Yusun Kim Riley Distributed policy services for mobile and nomadic networking
US20070245409A1 (en) * 2006-04-12 2007-10-18 James Harris Systems and Methods for Providing Levels of Access and Action Control Via an SSL VPN Appliance
US20080070594A1 (en) * 2006-09-15 2008-03-20 Futurewei Technologies, Inc. SYSTEM AND METHOD FOR PAGING GROUP DIFFERENTIATION BY QoS SET GROUPING
US20080263180A1 (en) * 2007-04-19 2008-10-23 Hurst Mark B Apparatus, system, and method for resilient content acquisition
US20110058545A1 (en) * 2007-09-20 2011-03-10 Telefonaktiebolaget L M Ericsson (Publ) Policy routing in a communications network
US20100299451A1 (en) * 2007-12-01 2010-11-25 Cai Yigang Ims diameter router with load balancing
US20110294518A1 (en) * 2010-04-07 2011-12-01 Telefonaktiebolaget Lm Ericsson (Publ) Enhancement of Positioning Quality of Service
US20130086278A1 (en) * 2010-06-17 2013-04-04 Nokia Siemens Networks Oy Peer-to-peer system
US20110314144A1 (en) * 2010-06-22 2011-12-22 Verizon Patent And Licensing, Inc. Event detection and response using rich network content
US20130298206A1 (en) * 2010-10-01 2013-11-07 At&T Intellectual Property I, L.P. Apparatus and method for managing software applications of a mobile device server
US20120084342A1 (en) * 2010-10-01 2012-04-05 At&T Intellectual Property I, L.P. Apparatus and method for managing mobile device servers
US20120151056A1 (en) * 2010-12-14 2012-06-14 Verizon Patent And Licensing, Inc. Network service admission control using dynamic network topology and capacity updates
US20130036215A1 (en) * 2011-08-05 2013-02-07 Kupinsky Stuart H Methods, systems, and computer readable media for network metadata based policy control
US20140029420A1 (en) * 2012-07-25 2014-01-30 Samsung Electronics Co. Ltd. Method and apparatus for traffic offloading based on congestion in wireless communication system

Cited By (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110282981A1 (en) * 2010-05-11 2011-11-17 Alcatel-Lucent Canada Inc. Behavioral rule results
US9386039B2 (en) * 2011-01-25 2016-07-05 Nec Corporation Security policy enforcement system and security policy enforcement method
US20130174218A1 (en) * 2011-01-25 2013-07-04 Nec Corporation Security policy enforcement system and security policy enforcement method
US9237068B2 (en) * 2011-01-30 2016-01-12 Blue Coat Systems, Inc. System and method for distributing heuristics to network intermediary devices
US20120198038A1 (en) * 2011-01-30 2012-08-02 Blue Coat Systems, Inc. System and method for distributing heuristics to network intermediary devices
US9037680B2 (en) * 2011-06-29 2015-05-19 Instart Logic, Inc. Application acceleration
US20150229732A1 (en) * 2011-06-29 2015-08-13 Instart Logic, Inc. Application acceleration
US9294581B2 (en) * 2011-06-29 2016-03-22 Instart Logic, Inc. Application acceleration
US20130007221A1 (en) * 2011-06-29 2013-01-03 Instart Inc. Application acceleration
US9438664B2 (en) * 2011-06-29 2016-09-06 Instart Logic, Inc. Application acceleration
US9521214B2 (en) 2011-09-20 2016-12-13 Instart Logic, Inc. Application acceleration with partial file caching
US9078092B2 (en) * 2011-09-23 2015-07-07 Rave Wireless, Inc. Routing engine for emergency communications
US20130077536A1 (en) * 2011-09-23 2013-03-28 Rave Wireless, Inc. Routing engine for emergency communications
US9680925B2 (en) 2012-01-09 2017-06-13 At&T Intellectual Property I, L. P. Methods and apparatus to route message traffic using tiered affinity-based message routing
US9654299B2 (en) * 2012-09-19 2017-05-16 Oracle International Corporation Execution framework for policy management
US20140082169A1 (en) * 2012-09-19 2014-03-20 Oracle International Corporation Execution framework for policy management
US20140164645A1 (en) * 2012-12-06 2014-06-12 Microsoft Corporation Routing table maintenance
US9407557B2 (en) * 2012-12-22 2016-08-02 Edgewater Networks, Inc. Methods and systems to split equipment control between local and remote processing units
US20140181267A1 (en) * 2012-12-22 2014-06-26 Edgewater Networks, Inc. Methods and systems to split equipment control between local and remote processing units
US10681009B2 (en) * 2013-01-11 2020-06-09 Centripetal Networks, Inc. Rule swapping in a packet network
US11539665B2 (en) 2013-01-11 2022-12-27 Centripetal Networks, Inc. Rule swapping in a packet network
US11502996B2 (en) 2013-01-11 2022-11-15 Centripetal Networks, Inc. Rule swapping in a packet network
US9661546B2 (en) 2014-01-29 2017-05-23 Mediatek Inc. Dynamic offload selection in mobile communication systems
EP3025548A4 (en) * 2014-01-29 2017-03-08 MediaTek Inc. Method of offload selection inheterogeneous wireless communication networks
WO2017142770A1 (en) * 2016-02-17 2017-08-24 Microsoft Technology Licensing, Llc Transfer of control of configuration sources
EP3796688A1 (en) * 2016-02-17 2021-03-24 Microsoft Technology Licensing, LLC Transfer of control of configuration sources
US10628174B2 (en) 2016-02-17 2020-04-21 Microsoft Technology Licensing, Llc Transfer of control of configuration sources
US10965548B2 (en) * 2019-02-27 2021-03-30 Bank Of America Corporation Network operational decision engine
CN110213131A (en) * 2019-06-05 2019-09-06 腾讯科技(深圳)有限公司 Bandwidth determining method, device, computer equipment and storage medium
US11832155B1 (en) * 2021-06-11 2023-11-28 T-Mobile Innovations Llc Consistent policy enforcement across networks
CN115102902A (en) * 2022-06-21 2022-09-23 北京天融信网络安全技术有限公司 Automatic switching method, device and analysis method for control strategy routing

Also Published As

Publication number Publication date
US8880666B2 (en) 2014-11-04

Similar Documents

Publication Publication Date Title
US8880666B2 (en) Method, policy request router, and machine-readable hardware storage device to select a policy server based on a network condition to receive policy requests for a duration
US10686683B2 (en) Distributed system to determine a server's health
JP6509219B2 (en) Methods, systems, and computer readable media for Diameter routing using software defined network (SDN) functionality
US9860130B2 (en) Methods, apparatuses, system, related computer program product for routing and processing policy requests related to group subscription
WO2018152919A1 (en) Path selection method and system, network acceleration node, and network acceleration system
CA2911597C (en) Selecting a content providing server in a content delivery network
EP3909204B1 (en) Technique for correlating network data analytics information
CN102281190B (en) Networking method for load balancing apparatus, server and client access method
US20120203864A1 (en) Method and Arrangement in a Communication Network for Selecting Network Elements
US11467922B2 (en) Intelligent snapshot generation and recovery in a distributed system
US20230362024A1 (en) Method of and a session management function for provisioning a user plane function, a method of and a user plane function for processing user traffic and a method of and charging function for charging user traffic
US8339956B2 (en) Method and apparatus for providing a centralized subscriber load distribution
US20230171347A1 (en) Subscription to changes in policy data
JP2022549055A (en) NODE RATE LIMITING METHOD, APPARATUS, ELECTRONIC DEVICE AND STORAGE MEDIUM
EP2789140A1 (en) Intelligent traffic quota management
CN104412560B (en) Network collocating method, apparatus and system based on SDN
US9842140B2 (en) Dynamic input streams handling in DSMS
WO2021083196A1 (en) Network traffic migration method and apparatus
US9813317B2 (en) Self-localizing data distribution network
CN110380981B (en) Flow distribution method and equipment
WO2012175140A1 (en) Gateway selection for load balancing
Seyyed Hashemi et al. Analytical characterization of cache replacement policy impact on content delivery time in information‐centric networks
US20210297345A1 (en) Egress Traffic Steering Controller
CN111147617A (en) Method and system for distributing addresses based on DHCP server cluster load
CN117155599A (en) Service chain construction method, service access method, related device, equipment and medium

Legal Events

Date Code Title Description
AS Assignment

Owner name: AT&T INTELLECTUAL PROPERTY I, L.P., NEVADA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:AARON, JEFFREY A.;STREIJL, ROBERT C.;REEL/FRAME:025425/0103

Effective date: 20101028

STCF Information on status: patent grant

Free format text: PATENTED CASE

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551)

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8